Pivotal Payments' FlexPoint can take the POS application out of scope for PCI PA-DSS

Published: October 7, 2015

Pivotal Payments, a leading provider of technology-driven global payment processing solutions, today released a white paper written by Coalfire, a leader in cybersecurity risk management and compliance services, describing how the FlexPoint integrated payments platform allows developers to achieve an "out of scope" solution for their point of sale (POS) applications. Developers and integrators face significant investment in achieving and maintaining Payment Card Industry (PCI) compliance. FlexPoint delivers a highly secure yet simplified method for ISVs and VARs to integrate with their merchants’ payment systems.

Pivotal Payments engaged Coalfire Systems Inc., a respected PCI Payment Application Qualified Security Assessor (PA-QSA), to conduct an independent technical assessment of its proprietary FlexPoint application. Coalfire performed technical testing, architectural assessment and compliance assessment, with the resulting analysis outlining how the FlexPoint application, when properly deployed can remove an ISV’s POS solution from the scope of the Payment Application Data Security Standard (PA-DSS).

Key benefits of FlexPoint’s integrated payment solution:

"We’ve made it extremely simple for our partners and merchants to reduce the resources necessary to manage their payment security infrastructure,” said Joe Lane, senior vice president of FlexPoint, a division of Pivotal Payments. "With traditional full integration, POS developers are required to work with an integrated payment device and middleware provider. Even if the data that passes through the POS is encrypted, the POS still remains in scope for PCI. With FlexPoint, no PCI data ever enters the POS."

solution sheet